Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:07-11-2015 Uruchomiony przez Ja (administrator) XXX-8C2238048E0 (14-11-2015 00:16:51) Uruchomiony z C:\ Załadowane profile: Ja & Administrator (Dostępne profile: Ja & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Samsung Electronics.) C:\WINDOWS\Samsung\ComSMMgr\SSMMgr.exe () C:\Program Files\AVG Secure Search\vprot.exe ( ) C:\PROGRA~1\VIDEOD~2\bar\1.bin\APPINTEGRATOR.EXE (VER_COMPANY_NAME) C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) C:\WINDOWS\mixer.exe (Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (C-Dilla Ltd) C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\loggingserver.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [Samsung Common SM] => C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [372736 2005-07-03] (Samsung Electronics.) HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2569616 2015-10-01] () HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.) HKLM\...\Run: [VideoDownloadConverter Home Page Guard 32 bit] => C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\AppIntegrator.exe [421448 2014-04-05] ( ) HKLM\...\Run: [VideoDownloadConverter Search Scope Monitor] => C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe [55368 2014-04-05] (Mindspark) HKLM\...\Run: [VideoDownloadConverter_4z Browser Plugin Loader] => C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe [61512 2014-04-05] (VER_COMPANY_NAME) HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20053608 2011-05-12] (Realtek Semiconductor Corp.) HKLM\...\Run: [C-Media Mixer] => Mixer.exe /startup HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== UWAGA HKLM Group Policy restriction on software: C:\Program Files\Alwil Software <====== UWAGA Winlogon\Notify\WgaLogon: WgaLogon.dll [X] HKU\S-1-5-21-484763869-287218729-725345543-1003\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia) HKU\S-1-5-21-484763869-287218729-725345543-1003\...\Run: [NokiaPCInternetAccess] => "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b HKU\S-1-5-21-484763869-287218729-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-484763869-287218729-725345543-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.) HKU\S-1-5-21-484763869-287218729-725345543-500\...\RunOnce: [Del450640] => cmd.exe /Q /D /c del "C:\DOCUME~1\ADMINI~1.000\USTAWI~1\Temp\0.del" <===== UWAGA ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-03-15] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) Startup: C:\Documents and Settings\Ja\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2015-04-29] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * aswBoot.exe /M:29cec3ea4378 /dir:C:\Program ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34 Tcpip\..\Interfaces\{3FD5B081-5FC5-4C89-8409-D7A135ED5451}: [NameServer] 80.244.128.1,192.168.0.1 Tcpip\..\Interfaces\{6F95C182-4630-4158-8322-2717EB88B2F6}: [DhcpNameServer] 194.204.159.1 194.204.152.34 Tcpip\..\Interfaces\{96B58E71-3D75-4E7F-9229-5EE99F79BF48}: [DhcpNameServer] 194.204.159.1 194.204.152.34 Tcpip\..\Interfaces\{9FF5B77E-2C31-4761-B57A-093C21DE69A4}: [DhcpNameServer] 192.168.1.1 192.168.100.1 Tcpip\..\Interfaces\{C312DAD9-89FB-42B9-822A-8161B4768736}: [DhcpNameServer] 194.204.159.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-484763869-287218729-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-484763869-287218729-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.onet.pl/# HKU\S-1-5-21-484763869-287218729-725345543-1003\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=7012A0F3C1320345 HKU\S-1-5-21-484763869-287218729-725345543-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKU\S-1-5-21-484763869-287218729-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-484763869-287218729-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=7012A0F3C1320345 HKU\S-1-5-21-484763869-287218729-725345543-500\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=7012A0F3C1320345 URLSearchHook: HKLM - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) URLSearchHook: HKU\S-1-5-21-484763869-287218729-725345543-1003 - (Brak nazwy) - {93a3111f-4f74-4ed8-895e-d9708497629e} - Brak pliku URLSearchHook: [S-1-5-21-484763869-287218729-725345543-500] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKLM -> DefaultScope {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^pl&si=pconvIE&ptb=B3C08734-4B05-4A09-A3F8-9B80B65B6874&ind=2014040507&n=780bd1bb&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKLM -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=658f9106-3646-11e1-a41e-001d92fcc647&q={searchTerms} SearchScopes: HKLM -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^pl&si=pconvIE&ptb=B3C08734-4B05-4A09-A3F8-9B80B65B6874&ind=2014040507&n=780bd1bb&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> DefaultScope {B224AA02-F7C8-3A2B-859F-560B80767E4A} URL = hxxp://kl.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=PL&install_date=20130208&user_guid=9ABB1EEF6AF84127A188AA841AE180F6&machine_id=f17123d12604361b6e951b71ec099dee&browser=IE&os=win&os_version=5.1-x86-SP2&iesrc={referrer:source} SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {043C5167-00BB-4324-AF7E-62013FAEDACF} URL = hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=118722&tt=0313_3&babsrc=SP_ss&mntrId=7012dd250000000000008c89a56842bf SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.22find.com/web/?utm_source=b&utm_medium=501&from=501&uid=SAMSUNGXHD252HJ_S17HJ9DQ402510&ts=1359556467 SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {AE18CCFC-EB56-403E-988D-63288173B42F} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=PV&apn_dtid=YYYYYYYYPL&apn_uid=75f87e41-f4b0-4882-91da-0be8bf89eb67&apn_sauid=EC6FC408-320B-4E88-91F9-250DCC496F21 SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {B224AA02-F7C8-3A2B-859F-560B80767E4A} URL = hxxp://kl.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=PL&install_date=20130208&user_guid=9ABB1EEF6AF84127A188AA841AE180F6&machine_id=f17123d12604361b6e951b71ec099dee&browser=IE&os=win&os_version=5.1-x86-SP2&iesrc={referrer:source} SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^pl&si=pconvIE&ptb=B3C08734-4B05-4A09-A3F8-9B80B65B6874&ind=2014040507&n=780bd1bb&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> {F2B5AF9F-1C92-4912-9D12-B96FB65BA847} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=108603&babsrc=SP_ss&mntrId=7012dd25000000000000001d92fcc647 SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-500 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKU\S-1-5-21-484763869-287218729-725345543-500 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=121845&babsrc=SP_ss&mntrId=7012A0F3C1320345 BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05] (McAfee, Inc.) BHO: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16] (AOL LLC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-25] (Sun Microsystems, Inc.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-15] (Avast Software s.r.o.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.) BHO: Brak nazwy -> {c547c6c2-561b-4169-a2a5-20ba771ca93b} -> Brak pliku BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-25] (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-25] (Sun Microsystems, Inc.) Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16] (AOL LLC.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.) Toolbar: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16] (AOL LLC.) Toolbar: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku Toolbar: HKU\S-1-5-21-484763869-287218729-725345543-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.) DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/B/0/6/B06D48C0-917B-44E2-92E0-6B3E159624A6/wmv9vcm.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.9.0\ViProtocol.dll [2015-10-01] (AVG Secure Search) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default FF Session Restore: -> [funkcja włączona] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.9.0\\npsitesafety.dll [Brak pliku] FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-02-25] (Sun Microsystems, Inc.) FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [2013-02-05] (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-04-28] (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-04-28] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-04-28] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-04-28] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin: @VideoDownloadConverter_4z.com/Plugin -> C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll [2014-04-05] (Mindspark) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF user.js: detected! => C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\user.js [2014-08-13] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-02-25] (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2012-01-02] (StartSearch ) FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\aol-search.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\askcom.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\babylon1.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\daemon-search.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\startsear.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\SweetIM Search.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\winamp-search.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\yahoo-zugo.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF SearchPlugin: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\searchplugins\youtube.xml.id-9850759202_helpme@freespeechmail.org [2015-10-26] FF Extension: VideoDownloadConverter - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\Extensions\4zffxtbr@www.videodownloadconverter.com [2015-09-12] [Brak podpisu cyfrowego] FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2015-10-26] [Brak podpisu cyfrowego] FF Extension: Video DownloadHelper - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-31] FF Extension: Adblock Plus - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\2t6dtlxw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-28] FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2015-10-17] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-02-25] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [statuswinks@StatusWinks] - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions\statuswinks@StatusWinks FF Extension: Smiley Bar for Facebook - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions\statuswinks@StatusWinks [2013-01-16] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-15] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-18] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-484763869-287218729-725345543-1003\...\Firefox\Extensions: [statuswinks@StatusWinks] - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions\statuswinks@StatusWinks Chrome: ======= CHR HomePage: Default -> hxxp://google.com/ CHR StartupUrls: Default -> "hxxp://kl.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=PL&install_date=20130208&user_guid=9ABB1EEF6AF84127A188AA841AE180F6&machine_id=f17123d12604361b6e951b71ec099dee&browser=CR&os=win&os_version=5.1-x86-SP2" CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\46.0.2490.86\pdf.dll => Brak pliku CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\46.0.2490.86\gears.dll => Brak pliku CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => Brak pliku CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Brak pliku CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Brak pliku CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => Brak pliku CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll => Brak pliku CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll => Brak pliku CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll => Brak pliku CHR Profile: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13] CHR Extension: (Google Search) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13] CHR Extension: (Smiley Bar for Facebook) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih [2014-05-13] [UpdateUrl: hxxps://dl.addonupdater.com/statuswinks/update.chrome.xml] <==== UWAGA CHR Extension: (AVG Security Toolbar) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-13] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-10] CHR Extension: (Gmail) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-14] CHR HKLM\...\Chrome\Extension: [bildoibdboopgomcbiplincneeicgipj] - C:\Program Files\StartSearch plugin\startsplg.crx CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Documents and Settings\Administrator.XXX-8C2238048E0.000\Dane aplikacji\BabSolution\CR\Delta.crx [2013-05-23] CHR HKLM\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files\WebCake\WebCakeLayers.crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-15] CHR HKLM\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Documents and Settings\Ja\Dane aplikacji\StatusWinks\statuswinks.crx [2012-11-05] CHR HKLM\...\Chrome\Extension: [ijblflkdjdopkpdgllkmlbgcffjbnfda] - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-01-30] CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-28] CHR HKU\S-1-5-21-484763869-287218729-725345543-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [incfcgceegpikennjoplhfghaaikdgei] - C:\Documents and Settings\Ja\Dane aplikacji\StartNow Toolbar\CR\zcrx.crx [2013-02-08] StartMenuInternet: chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.22find.com/?utm_source=b&utm_medium=501&from=501&uid=SAMSUNGXHD252HJ_S17HJ9DQ402510&ts=1359556452 ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-15] (Avast Software s.r.o.) R2 C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [39936 2008-07-30] (C-Dilla Ltd) [Brak podpisu cyfrowego] S4 desksvc; C:\Program Files\Desk 365\deskSvc.exe [271440 2013-02-06] (337 Technology Limited.) <==== UWAGA R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-02-25] (Sun Microsystems, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) S2 VideoDownloadConverter_4zService; C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe [88648 2014-04-05] (COMPANYVERS_NAME) R2 vToolbarUpdater18.9.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe [1862032 2015-10-01] (AVG Secure Search) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1606976 2010-10-21] (Atheros Communications, Inc.) S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2011-07-28] (Atheros Communications, Inc.) [Brak podpisu cyfrowego] R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-03-15] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73440 2015-03-15] (Avast Software s.r.o.) R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-03-15] (Avast Software s.r.o.) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-03-15] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788272 2015-03-15] (Avast Software s.r.o.) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427480 2015-03-15] (Avast Software s.r.o.) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-03-15] (Avast Software s.r.o.) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206976 2015-03-15] () R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2011-05-27] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R2 CdaC15BA; C:\WINDOWS\system32\drivers\CDAC15BA.SYS [8864 2008-10-21] () [Brak podpisu cyfrowego] R3 cmpci; C:\WINDOWS\System32\drivers\cmaudio.sys [377358 2002-11-18] (C-Media Inc) R2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.) [Brak podpisu cyfrowego] R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation) S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2012-01-01] (Windows (R) 2000 DDK provider) R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [65136 2011-03-22] (Atheros Communications, Inc.) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2011-05-27] () S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105344 2006-08-21] (NVIDIA Corporation) S3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [57856 2006-09-11] (NVIDIA Corporation) S3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2006-09-11] (NVIDIA Corporation) S3 rtl8180; C:\WINDOWS\System32\DRIVERS\RTL8180.SYS [317824 2013-02-18] (Realtek Semiconductor Corporation) [Brak podpisu cyfrowego] R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2011-05-27] () [Brak podpisu cyfrowego] S3 V0400Afx; C:\WINDOWS\System32\DRIVERS\V0400Afx.sys [160256 2009-09-03] (Creative Technology Ltd.) [Brak podpisu cyfrowego] S3 VF0400Vid; C:\WINDOWS\System32\DRIVERS\V0400Vid.sys [192096 2010-01-04] (Creative Technology Ltd.) [Brak podpisu cyfrowego] S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X] S3 AEAudio; system32\drivers\AEAudio.sys [X] S3 catchme; \??\C:\DOCUME~1\Ja\USTAWI~1\Temp\catchme.sys [X] S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X] S3 EverestDriver; \??\C:\Documents and Settings\Ja\Pulpit\everestultimate_build_1066\kerneld.wnt [X] S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X] S4 IntelIde; Brak ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) S3 SenFiltService; system32\drivers\Senfilt.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-14 00:16 - 2015-11-14 00:16 - 00034679 _____ C:\FRST.txt 2015-11-14 00:16 - 2015-11-13 23:58 - 01702400 _____ (Farbar) C:\FRST.exe 2015-11-14 00:00 - 2015-11-14 00:16 - 00000000 ____D C:\FRST 2015-11-13 21:54 - 2015-11-14 00:48 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2015-11-13 19:40 - 2015-11-13 19:40 - 00000000 _____ C:\Documents and Settings\Ja\Pulpit\Nowy Dokument tekstowy.txt 2015-11-11 13:35 - 2015-11-11 13:46 - 00032260 _____ C:\Documents and Settings\Ja\Pulpit\ANKIETA MISYJNA AB.doc.id-6844075619_helpme@freespeechmail.org 2015-11-11 11:11 - 2015-11-11 13:48 - 00030212 _____ C:\Documents and Settings\Ja\Pulpit\Pasterka 2010.doc.id-6844075619_helpme@freespeechmail.org 2015-11-11 06:58 - 2015-11-11 13:48 - 00028164 _____ C:\Documents and Settings\Ja\Pulpit\Sprzedaż Działki.doc.id-6844075619_helpme@freespeechmail.org 2015-11-10 14:54 - 2015-11-11 13:46 - 00354820 _____ C:\Documents and Settings\Ja\Pulpit\33 Niedziela Zwykła RB 15.11.2015.doc.id-6844075619_helpme@freespeechmail.org 2015-11-10 14:54 - 2015-11-11 13:46 - 00020068 _____ C:\Documents and Settings\Ja\Pulpit\List KEP NOWE ŻYCIE W CHRYSTUSIE.docx.id-6844075619_helpme@freespeechmail.org 2015-11-10 14:54 - 2015-11-11 13:46 - 00010196 _____ C:\Documents and Settings\Ja\Pulpit\JUBILEUSZ 1050 Wskazania duszpasterskie.odt.id-6844075619_helpme@freespeechmail.org 2015-11-09 15:39 - 2015-11-11 13:48 - 00013268 _____ C:\Documents and Settings\Ja\Pulpit\Sprzedaż Działki.docx.id-6844075619_helpme@freespeechmail.org 2015-11-09 14:03 - 2015-11-11 13:46 - 00012340 _____ C:\Documents and Settings\Ja\Pulpit\Kolęda Misyjna.docx.id-6844075619_helpme@freespeechmail.org 2015-11-09 14:02 - 2015-11-11 13:48 - 00027140 _____ C:\Documents and Settings\Ja\Pulpit\Scenka Kolęda Misyjna 2015.doc.id-6844075619_helpme@freespeechmail.org 2015-11-09 13:44 - 2015-11-11 13:48 - 00015396 _____ C:\Documents and Settings\Ja\Pulpit\O.D. I N. Adwentu.docx.id-6844075619_helpme@freespeechmail.org 2015-11-09 08:27 - 2015-11-11 13:48 - 00013620 _____ C:\Documents and Settings\Ja\Pulpit\O.D. Chrystusa Króla B.docx.id-6844075619_helpme@freespeechmail.org 2015-10-27 07:49 - 2015-11-11 13:49 - 05890816 ____H C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\IconCache.db.id-6844075619_helpme@freespeechmail.org 2015-10-24 13:53 - 2015-11-11 13:46 - 00045572 _____ C:\Documents and Settings\Ja\Pulpit\List KEP KOŚCIÓŁ PRZEŚLADOWANY.doc.id-6844075619_helpme@freespeechmail.org 2015-10-21 09:05 - 2015-11-11 13:48 - 00017748 _____ C:\Documents and Settings\Ja\Pulpit\ZAKOŃCZENIE ROKU.docx.id-6844075619_helpme@freespeechmail.org 2015-10-21 07:47 - 2015-11-11 13:48 - 00014932 _____ C:\Documents and Settings\Ja\Pulpit\O.D.XXXIII B.docx.id-6844075619_helpme@freespeechmail.org 2015-10-17 16:22 - 2015-10-17 16:35 - 00000000 ____D C:\Program Files\Mozilla Firefox ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-14 00:46 - 2013-06-17 21:28 - 00000000 ____D C:\Program Files\WebCake 2015-11-14 00:46 - 2013-01-16 15:06 - 00000000 ____D C:\Program Files\File Scout 2015-11-14 00:46 - 2008-07-29 13:52 - 00000803 _____ C:\Documents and Settings\Ja\Menu Start\Programy\Internet Explorer.lnk 2015-11-14 00:46 - 2008-07-29 13:52 - 00000000 ___RD C:\Documents and Settings\Ja\Menu Start\Programy\Autostart 2015-11-14 00:17 - 2012-08-24 13:31 - 00000000 ____D C:\Documents and Settings\Ja\Ustawienia lokalne\temp 2015-11-13 23:50 - 2014-12-29 19:34 - 00344047 _____ C:\WINDOWS\setupapi.log 2015-11-13 23:50 - 2013-04-09 21:14 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-11-13 23:50 - 2008-07-29 15:42 - 00000159 _____ C:\WINDOWS\wiadebug.log 2015-11-13 23:50 - 2008-07-29 14:36 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\Skype 2015-11-13 23:49 - 2014-03-27 19:35 - 00000216 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-11-13 23:49 - 2010-11-09 15:36 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-13 23:49 - 2008-07-29 15:42 - 00000050 _____ C:\WINDOWS\wiaservc.log 2015-11-13 23:49 - 2008-07-29 13:58 - 00131144 _____ C:\WINDOWS\system32\nvapps.xml 2015-11-13 23:49 - 2008-07-29 13:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-13 20:51 - 2008-07-29 13:52 - 00000188 ___SH C:\Documents and Settings\Ja\ntuser.ini 2015-11-13 20:51 - 2008-07-29 13:50 - 00032624 _____ C:\WINDOWS\SchedLgU.Txt 2015-11-13 20:51 - 2008-07-29 13:46 - 01825764 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-13 20:49 - 2012-06-11 06:39 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-11-13 20:30 - 2010-11-09 15:36 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-13 20:02 - 2008-07-29 15:37 - 00194393 _____ C:\WINDOWS\setupact.log 2015-11-13 19:40 - 2008-07-29 13:52 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit 2015-11-13 19:31 - 2010-11-09 15:38 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-11-13 19:23 - 2015-10-05 12:47 - 00000456 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{594808F7-7914-45C0-87A2-06406202F1B5}.job 2015-11-13 19:18 - 2001-07-22 01:17 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2015-11-12 08:07 - 2008-07-29 13:52 - 00000000 ___RD C:\Documents and Settings\Ja\Ulubione 2015-11-12 07:52 - 2013-07-17 08:37 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-12 07:41 - 2013-04-09 19:01 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-11 17:05 - 2008-07-29 13:52 - 00000000 ___RD C:\Documents and Settings\Ja\Moje dokumenty 2015-11-11 13:59 - 2011-02-23 15:36 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office 2015-11-11 13:59 - 2011-02-23 15:30 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2015-11-11 13:49 - 2014-06-18 08:05 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit\Zdjęcia 2015-11-11 13:49 - 2008-07-29 13:52 - 00000000 ___HD C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji 2015-11-11 13:48 - 2015-09-04 08:36 - 00034308 _____ C:\Documents and Settings\Ja\Pulpit\Wypominki A 7.30.doc.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2015-09-04 08:36 - 00016228 _____ C:\Documents and Settings\Ja\Pulpit\Wypominki B 10.00.docx.org 2015-11-11 13:48 - 2015-08-21 08:53 - 00016788 _____ C:\Documents and Settings\Ja\Pulpit\Wychowanie.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2015-08-21 08:09 - 00019636 _____ C:\Documents and Settings\Ja\Pulpit\Podsumowanie wizytacji kanonicznej.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2015-08-17 11:55 - 00012052 _____ C:\Documents and Settings\Ja\Pulpit\Po wizytacji.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2015-06-08 13:17 - 00020628 _____ C:\Documents and Settings\Ja\Pulpit\Myśli.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2015-05-27 14:42 - 00012884 _____ C:\Documents and Settings\Ja\Pulpit\Tak mało miłości w naszym życiu.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2015-01-02 17:24 - 00032031 _____ C:\Documents and Settings\Ja\Pulpit\Ogłoszenia Varia.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2014-08-20 09:30 - 00015300 _____ C:\Documents and Settings\Ja\Pulpit\Varia.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2014-08-15 08:28 - 00013716 _____ C:\Documents and Settings\Ja\Pulpit\Pogrzeb.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2014-06-26 12:39 - 00030145 _____ C:\Documents and Settings\Ja\Pulpit\Myśli do kazań.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2014-05-12 11:39 - 00016884 _____ C:\Documents and Settings\Ja\Pulpit\Myśli pogrzebowe.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2014-01-03 09:40 - 00138244 _____ C:\Documents and Settings\Ja\Pulpit\Pomoce do kazań pogrzebowych PRACOWITE RĘCE.doc.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2012-08-11 12:27 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit\MP3 2015-11-11 13:48 - 2010-09-03 14:56 - 00194564 ___SH C:\Documents and Settings\Ja\Pulpit\Thumbs.db.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:48 - 2008-10-27 15:33 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit\Nieużywane skróty pulpitu 2015-11-11 13:47 - 2008-07-29 13:52 - 00000000 ___RD C:\Documents and Settings\Ja\Pulpit\Moje obrazy 2015-11-11 13:46 - 2015-09-07 08:41 - 00013716 _____ C:\Documents and Settings\Ja\Pulpit\Klasa II.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:46 - 2015-05-25 14:58 - 00013268 _____ C:\Documents and Settings\Ja\Pulpit\HISTORIA PARAFII I KOŚCIOŁA W DĄBRÓWKACH BREŃSKICH.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:46 - 2015-05-01 10:40 - 00019684 _____ C:\Documents and Settings\Ja\Pulpit\Kazania pogrzebowe.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:46 - 2015-04-09 11:28 - 00016644 _____ C:\Documents and Settings\Ja\Pulpit\Homilie poogrzebowe.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:46 - 2015-01-30 09:05 - 00017236 _____ C:\Documents and Settings\Ja\Pulpit\kazanie.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:46 - 2015-01-17 12:05 - 00017140 _____ C:\Documents and Settings\Ja\Pulpit\Kazaanie pogrzebowe.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:46 - 2014-12-30 15:28 - 00000000 ___RD C:\Documents and Settings\Ja\Pulpit\Moje dokumenty 2015-11-11 13:46 - 2014-08-20 09:52 - 00018260 _____ C:\Documents and Settings\Ja\Pulpit\Kazanie pogrzebowe.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:46 - 2014-06-12 18:55 - 00015796 _____ C:\Documents and Settings\Ja\Pulpit\Lipiny.docx.id-6844075619_helpme@freespeechmail.org 2015-11-11 13:46 - 2014-05-13 19:13 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit\katechezy video 2015-11-11 13:46 - 2008-07-29 13:52 - 00000000 ___RD C:\Documents and Settings\Ja\Pulpit\Moja muzyka 2015-11-11 07:50 - 2012-06-11 06:39 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-11-11 07:50 - 2011-05-23 05:06 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-11-11 07:49 - 2015-10-14 14:49 - 05286088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe 2015-10-27 06:47 - 2008-07-29 15:40 - 01145840 ____C C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-27 06:47 - 2001-10-26 19:15 - 00511136 _____ C:\WINDOWS\system32\perfh015.dat 2015-10-27 06:47 - 2001-10-26 19:15 - 00094182 _____ C:\WINDOWS\system32\perfc015.dat 2015-10-26 15:31 - 2015-10-10 09:22 - 00031748 _____ C:\Documents and Settings\Ja\Moje dokumenty\Konspekt IV przykazanie.doc.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:31 - 2014-08-04 09:26 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit\BENIN 2015-10-26 15:31 - 2014-04-13 16:27 - 00000000 ___HD C:\Documents and Settings\Ja\Pulpit\.picasaoriginals 2015-10-26 15:31 - 2011-07-16 07:36 - 00000000 ____D C:\Documents and Settings\Ja\Moje dokumenty\Filmy 2015-10-26 15:31 - 2010-04-06 17:54 - 00000000 ____D C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie 2015-10-26 15:31 - 2008-11-10 15:48 - 00000180 ___HC C:\Documents and Settings\Ja\Moje dokumenty\~$ÓLNE WPROWADZENIE DO MSZAŁU RZYMSKIEGO.doc.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:31 - 2008-07-30 09:11 - 00000180 ___HC C:\Documents and Settings\Ja\Moje dokumenty\~$edziela po polsku.doc.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:31 - 2008-07-29 15:39 - 00000000 ___HD C:\Documents and Settings\Default User\Szablony 2015-10-26 15:31 - 2008-07-29 15:39 - 00000000 ___HD C:\Documents and Settings\All Users\Szablony 2015-10-26 15:30 - 2013-08-21 14:53 - 00000000 ___SD C:\Documents and Settings\Ja\GG dysk 2015-10-26 15:30 - 2013-04-09 20:20 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2015-10-26 15:30 - 2013-01-30 15:14 - 00000000 ____D C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Torpedo 2015-10-26 15:30 - 2012-08-07 12:26 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\uTorrent 2015-10-26 15:30 - 2008-10-13 12:56 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\Winamp 2015-10-26 15:29 - 2014-08-13 10:44 - 00021300 _____ C:\ComboFix.txt.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:29 - 2013-06-17 21:27 - 00000000 ____D C:\Documents and Settings\Administrator.XXX-8C2238048E0.000\Dane aplikacji\Babylon 2015-10-26 15:29 - 2013-04-09 05:02 - 00000000 ____D C:\Documents and Settings\Administrator.XXX-8C2238048E0.000\Dane aplikacji\TestApp 2015-10-26 15:29 - 2013-04-08 21:31 - 03712660 ____H C:\Documents and Settings\Administrator.XXX-8C2238048E0.000\Ustawienia lokalne\Dane aplikacji\IconCache.db.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:29 - 2013-04-08 21:25 - 00000000 ___HD C:\Documents and Settings\Administrator.XXX-8C2238048E0.000\Ustawienia lokalne\Dane aplikacji 2015-10-26 15:29 - 2013-04-08 21:25 - 00000000 ___HD C:\Documents and Settings\Administrator.XXX-8C2238048E0.000\Szablony 2015-10-26 15:29 - 2013-01-30 15:34 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\Desk 365 2015-10-26 15:29 - 2012-08-26 21:13 - 00000000 ____D C:\ComboFix(2) 2015-10-26 15:29 - 2012-08-24 13:32 - 03184660 ____H C:\Documents and Settings\Administrator.XXX-8C2238048E0\Ustawienia lokalne\Dane aplikacji\IconCache.db.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:29 - 2012-08-24 13:21 - 00000000 ____D C:\Documents and Settings\Administrator.XXX-8C2238048E0\Ustawienia lokalne\Dane aplikacji 2015-10-26 15:29 - 2012-08-24 13:21 - 00000000 ____D C:\Documents and Settings\Administrator.XXX-8C2238048E0\Szablony 2015-10-26 15:29 - 2012-01-18 16:40 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\Babylon 2015-10-26 15:29 - 2010-01-19 09:03 - 00000000 ____D C:\Documents and Settings\Administrator\Szablony 2015-10-26 15:28 - 2012-08-11 20:46 - 04809338 ____H C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\IconCache.db.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:28 - 2010-05-04 18:17 - 00000000 ____D C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google 2015-10-26 15:27 - 2014-10-17 07:16 - 00000180 ____H C:\Documents and Settings\Ja\Pulpit\~$D.XXIX NZ.docx.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:27 - 2014-06-26 08:52 - 00000180 ____H C:\Documents and Settings\Ja\Pulpit\~$oczystość Piotra i Pawła.doc.id-9850759202_helpme@freespeechmail.org 2015-10-26 15:27 - 2008-07-29 13:52 - 00000000 ___HD C:\Documents and Settings\Ja\Szablony 2015-10-26 15:26 - 2011-02-09 08:24 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit\ZBIÓR --Kazania 2015-10-22 07:34 - 2013-04-08 14:44 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Drive 2015-10-19 12:42 - 2008-07-30 07:48 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2015-10-18 05:25 - 2012-09-29 07:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-06-17 21:11 - 2013-06-17 21:19 - 0000004 _____ () C:\Documents and Settings\Ja\Dane aplikacji\skype.ini 2008-07-29 14:49 - 2013-01-20 17:50 - 0129024 _____ () C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Niektóre pliki w TEMP: ==================== C:\Documents and Settings\Ja\Ustawienia lokalne\temp\1reff.exe C:\Documents and Settings\Ja\Ustawienia lokalne\temp\ggdrive-menu.exe C:\Documents and Settings\Ja\Ustawienia lokalne\temp\ggdrive-overlay.exe C:\Documents and Settings\Ja\Ustawienia lokalne\temp\installstats.exe C:\Documents and Settings\Ja\Ustawienia lokalne\temp\SkypeSetup.exe C:\Documents and Settings\Ja\Ustawienia lokalne\temp\{68336CC4-E9AF-4FF8-9F5D-248D1FD94E18}-46.0.2490.86_46.0.2490.80_chrome_updater.exe C:\Documents and Settings\Ja\Ustawienia lokalne\temp\{7AEA8465-9397-4450-B394-50A4AE2CB4A7}-37.0.2062.120_chrome_installer.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================